diff options
author | Ade Lee <alee@redhat.com> | 2015-02-11 16:28:50 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2015-02-26 23:21:46 -0500 |
commit | 705084a0021e161f1b4cea25dbaf622cfe68c47e (patch) | |
tree | bd423d083327a96423b9864e7851dffcc5b5ef99 /base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | |
parent | 3b6664da6c762a592573d5fa05043ecca20bf7a7 (diff) | |
download | pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.gz pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.xz pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.zip |
Add granularity to token termination in TPS
BZ 1163987. Added revocation checks to optionally revoke
expired certs, and handle cases where certs are shared on multiple
tokens.
Diffstat (limited to 'base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java')
-rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java index 482236bc3..c74fe2cb6 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java @@ -1004,7 +1004,7 @@ public class TPSEnrollProcessor extends TPSProcessor { * Get certs from the tokendb for this token to find out about * renewal possibility */ - ArrayList<TPSCertRecord> allCerts = tps.tdb.tdbGetCertificatesByCUID(tokenRecord.getId()); + ArrayList<TPSCertRecord> allCerts = tps.tdb.tdbGetCertRecordsByCUID(tokenRecord.getId()); certsInfo.setNumCertsToEnroll(keyTypeNum); @@ -1366,7 +1366,7 @@ public class TPSEnrollProcessor extends TPSProcessor { actualCertIndex++; } - ArrayList<TPSCertRecord> certs = tps.tdb.tdbGetCertificatesByCUID(toBeRecovered.getId()); + ArrayList<TPSCertRecord> certs = tps.tdb.tdbGetCertRecordsByCUID(toBeRecovered.getId()); String serialToRecover = null; TPSCertRecord certToRecover = null; @@ -1441,10 +1441,11 @@ public class TPSEnrollProcessor extends TPSProcessor { } } - // set cert status to active - certToRecover.setStatus("active"); try { - tps.tdb.tdbUpdateCertEntry(certToRecover); + // set cert status to active + tps.tdb.updateCertsStatus(certToRecover.getSerialNumber(), + certToRecover.getIssuedBy(), + "active"); } catch (Exception e) { auditMsg = "failed tdbUpdateCertEntry"; CMS.debug(method + ":" + auditMsg); |